BANGALORE,INDIA: The year 2009 was witness to a remarkable rise in the incidence of spam, phishing, botnet activity, and malware. So what is store for 2010? Is it going to be a safer 2010?

Not indeed. It can go worse if proper measures are not put in place at least now, security experts   caution.

We have all seen that the cyber criminals have only got smarter and smarter every passing year. The cyber attacks which onces used to be made for 'Reputation' by the underworld are today more concentrated on making fast bucks. Security companies have been underscoring that the underground economy is geographically diverse. The secretive economy has also shown the ability to generate millions of dollars in revenue for cyber criminals.
 
As per a recent estimate by Symantec the value of total advertising goods on underground economy servers was over $276 million in 2009. Says Shantanu Ghosh, VP, India Product Operations, Symantec, “The security threats in 2010 are likely to be nastier, more targeted and more frequent, with malware and cyber-crime being almost exclusively driven by organized crime and motivated by money.”

Hackers, after succeeding in duping the unsuspecting user, are investing in sophisticated and automated ways to run their operations. Experts say it can be safely predicted that in 2010 the threat environment will witness higher volumes of web-threats and be even more transient, agile and organized.

Applications

The growth of mobile application sites has become one prominent hurdle in the fight against hacking. Today, iPhone and BlackBerry users have an unprecedented number of third-party applications available for their enterprise handhelds. According to a recent study from Jupiter Research Inc., mobile application downloads are expected to reach 20 billion annually by 2014. Network security pros will face mounting challenges from a rising tide of mobile apps touching private networks and information.
 
As mobile devices and third-party applications proliferate, they pose a number of security risks for the enterprise, perhaps most notably serving as a platform for the distribution of malware and unauthorized access to private information. Since IT shops already report mounting internal pressure to integrate and support third-party apps, their options for defending against related threat vectors are constricted.
 
Cloud Threat: Crime as a service!

Further adoption of cloud, social media and virtualization technologies are expected to blur the network parameter, while new cyber criminal methods such as ransomware and crime as a service will lure in unsuspecting users and threaten the enterprise at large.

Experts strongly suggest that the security postures must move from a container-centric approach that is tied to a physical locale to a data and information-centric security design. To do this, organizations – large and small – should consider a layered, centralized security solution that provides multiple security touch points within the network, rather than around it, in order to protect their information from outside in and inside out.

Threats today are quite blended, arriving through many attack vectors and associated with many working components. This has proven to be a successful model as cyber criminals look to effectively infiltrate machines and bypass any security measures that may be in place. Botnets have long used this technique to obfuscate and pack their malicious binary code to evade detection.

Experts with Fortinet predict that 2010 can witness botnets continue to attempt to evade detection beyond the binary, with a focus on network communication. The attacks can come in the form of piggybacking on legitimate protocols, communication encryption, authentication, and obfuscation.

Already we have seen botnets communicating through Twitter and Google groups. Certainly this scope will expand threatening the cyber landscapes.